<?php
class Plugin_AclPlugin extends Zend_Controller_Plugin_Abstract {
    private $_acl = null;

    public function __construct(Zend_Acl $acl) {
        $this->_acl = $acl;
    }

    public function preDispatch(Zend_Controller_Request_Abstract $request) {
    //As in the earlier example, authed users will have the role user

        if ( Zend_Auth::getInstance()->hasIdentity() ) {
            if (Zend_Session::namespaceIsset('Zend_Auth') ){
	            $authSession = new Zend_Session_Namespace('Zend_Auth');
            }

            $userModel = new Model_DbTable_User();
            $user = $userModel->getUserInfo($authSession->userId);  
            $role = strtolower($user['userGroup']);
            
            //For this example, we will use the controller as the resource:
            $resource = $request->getControllerName();
            $action = $request->getActionName();
            
            if(!$this->_acl->isAllowed($role, $resource, $action)) {
              //If the user has no access we send him elsewhere by changing the request
              $request->setControllerName('index')
                      ->setActionName('denied');
            }
        } 
    }
}
